<?php
require_once("bin/requirecredentials.php");
require_once("bin/data.php");
@session_start();

$user = getUser(@$_SESSION['userid']);

if (!isset($_COOKIE['userid'])||(strlen($_COOKIE['userid'])<1)||($_COOKIE['userid']=='-1'))
{
	// if session info is missing, switch to sign in page.
	header("Location:signin.php");
}

$title="Add a Template";
$link="";
$header="";
$footer="";
$content= <<<EOF
<div id="formentry">
<h2>New Template:</h2>
<form action="cutemplate.php" method="post">
<table border="0" width="100%">
<tr>
	<td align="right" width="40%">
		<span>Title:</span>
	</td>
	<td>
		<input type="text" name="t" id="t" value="" />
	</td>
</tr>
<tr>
	<td align="right" width="40%">
		<span>Description:</span>
	</td>
	<td>
		<input type="text" name="d" id="d" value="" />
	</td>
</tr>
<tr>
	<td align="right" width="40%">
		<span>Template XML:</span>
	</td>
	<td>
		<textarea name="x" id="x" rows="15" cols="70"></textarea>
	</td>
</tr>
<tr>
	<td></td>
	<td>
		<input type="submit" name="pu" id="pu" value="Update" />
	</td>
</tr>
</table>
</form>
</div>
EOF;


if (isset($_REQUEST['pu']))
{
	global $tblusers;
	
	$title = mysql_real_escape_string($_REQUEST['t']);
	$description = mysql_real_escape_string($_REQUEST['d']);
	$templatexml = mysql_real_escape_string($_REQUEST['x']);
	$userid = $user['id'];
	
	$sql = "UPDATE `$tbltemplates` SET 
		title = '$title',
		description = '$description',
		templateXML = '$templatexml',
		userid = '$userid';";
	$result = mysql_query($sql) or die(mysql_error() );
	if ($result > 0)
	{
		header("Location:cutemplate.php");
	}
}
include ("base.php");
echo $html;
?>
